CAPEC-687 Category Detail

CAPEC-687

Acquisition and Deployment
Draft
2022-09-29
00h00 +00:00
CAPEC Mitre.org
Alerte pour un CAPEC
Stay informed of any changes for a specific CAPEC.
Notifications manage

Name: Acquisition and Deployment

Attack patterns within this category focus on the exploitation of weaknesses within the Acquisition and Deployment phase of the CISA Supply Chain Lifecycle.

CAPEC Members List

CAPEC-536: Data Injected During Configuration Base

CAPEC Informations

Submission

Name Organization Date Date release
CAPEC Content Team The MITRE Corporation 2022-09-29 +00:00

References

REF-718

Supply Chain Risks for Information and Communication Technology
https://www.cisa.gov/sites/default/files/publications/19_0424_cisa_nrmc_supply-chain-risks-for-information-and-communication-technology.pdf
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.